Chrome. Mac OS (M1 Mac Studio). Montery latest. Bitwarden logs me out every new page

marcwarden · August 31, 2022, 9:26pm

Have the chrome extension and the Mac OS bitwarden app on my Mac Studio. In chrome every page I go to the bitwarden extension locks. I unlock it with fingerprint and then the next page or tab I open it locks up again. Timeout is set to 4 HOURS.

Anyone else seeing this?

dh024 · August 31, 2022, 11:53pm

Strange. I can’t replicate this on my M1 MacBook Pro running latest Safari and Monterey.

You might try going into the extension in Safari (not another Bitwarden client, because the setting is device-specific) and change the timeout to Never, restart Safari, and then change it back to 4 hours. Hopefully that resets it.

marcwarden · September 1, 2022, 2:22am

Couple observations as I troubleshoot.

I’m using chrome not safari @dh024
I think this may have something to do with using biometrics with Bitwarden. I had it set to biometrics and was using TouchID on my keyboard on the Mac. It seems this started when I enabled that feature. I disabled it and so far it has not locked up with new tabs, page refreshes, clicking links, etc. A little early to be 100% but so far it is pointing to this as the issue.

Bitwarden may want to take a look at the biometrics code and see why it is locking up and not honoring the vault timeout at all but instead locking on page loads.

dh024 · September 1, 2022, 4:37am

Sorry @marcwarden - not sure why I was thinking Safari when you clearly said Chrome.

bw-admin · September 1, 2022, 12:50pm

Hey @marcwarden I haven’t experienced this behavior on my end, have you tried removing and reinstalling the extesion?

You can also open an issue on Github with your details (OS version, Bitwarden version, etc…) for the team to investigate.

marcwarden · September 2, 2022, 8:44pm

I have opened the issue on Github. This is definitively a biometric issue on Mac OS with my system running Monterey latest version and latest bitwarden versions in safari, chrome and desktop. Disabling biometrics was the only solution to stop it immediately. When biometrics are enabled I was forced in chrome and safari to unlock Bitwarden on every new page load. As soon as a hyperlink was clicked on any webpage it instantly locked the vault. With biometrics OFF it no longer does this and honors the 4 hour timeout.

bw-admin · September 6, 2022, 12:39pm

Thanks for clarification, can you share the issue link?

marcwarden · September 6, 2022, 1:23pm

github.com/bitwarden/clients

Biometrics requires authorization on every page load. Mac, Chrome & Safari

opened 08:42PM - 02 Sep 22 UTC

marcvig

bug browser

### Steps To Reproduce Running Mac OS Monterey 12.5.1 on Mac Studio M1 Max. La…test Safari release and version 105.0.5195.52 (Official Build) (arm64) for Chrome. Bitwarden Chrome version 2022.8.0. Desktop version 2022.8.1. Safari extension version 2022.8.0 With desktop app unlocked and both browser extensions unlocked as soon as I click to navigate to another page Bitwarden locks the vault. I click it to unlock with biometrics and it unlocks. As soon as I click a link it locks again. This makes it unusable with biometrics. Disabling biometrics has solved the problem for both Safari and Chrome ### Expected Result I would expect to unlock Bitwarden and have it respect the 4 hour timeout to lock the vault before requesting it be unlocked again. ### Actual Result I unlock the vault with biometrics and it immediately locks it after clicking a link in either chrome or safari. ### Screenshots or Videos _No response_ ### Additional Context _No response_ ### Operating System macOS ### Operating System Version Monterey 12.5.1 ### Web Browser Chrome, Safari ### Browser Version 105.0.5195.52 (Official Build) (arm64) Chrome ### Build Version 2022.8.0 and 2022.8.1

@dwbit